8ec24e25de4e5084fe46215a51a3708f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ec24e25de4e5084fe46215a51a3708f_JaffaCakes118
Size

27KB
MD5

8ec24e25de4e5084fe46215a51a3708f
SHA1

50d11ec9d971c6d975c1d8df642f655aac653127
SHA256

7e376cc7916736929493a6bcdf8f1790ed2fa2fdb1025f92a179f4ac26a1d863
SHA512

647ec6203dedb15ba96d61c6b04606547aa8e02fd00b81f9972049b1aa4c0d442ae83b5ea06378610d62491c5ea18d32787db70c83a2c2e5e10b3ffd7ba743f0
SSDEEP

384:RUNTSudrqyYtq1tJGRQROH+OG0zAgO5I6A5NHe+vVHSzg58rMotjtkf:BudrrYtqtJGRQKUgO5k9HSzM4tM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ec24e25de4e5084fe46215a51a3708f_JaffaCakes118

Files

8ec24e25de4e5084fe46215a51a3708f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d8b4978d9c0d2fafb66d01e615a7361

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

kernel32

LoadLibraryW
LocalFree
GetDateFormatW
lstrlenW
GetWindowsDirectoryW
lstrcpyW
DisableThreadLibraryCalls
lstrcatW
lstrcpynW
CreateFileW
GetModuleFileNameW
UnhandledExceptionFilter
GetCurrentProcess
LocalAlloc
GetModuleHandleW
CloseHandle
GetLocaleInfoW
GetProcAddress
MultiByteToWideChar
GetModuleHandleA
GetVersionExA
FormatMessageW
InterlockedExchange
GetLastError
GetSystemPowerStatus
DeviceIoControl
SetUnhandledExceptionFilter
TerminateProcess
lstrcmpW

ntdll

NtAllocateVirtualMemory
LdrUnloadDll

user32

EndDialog
GetWindowRect
WinHelpW
CharNextA
DialogBoxParamW
SendMessageW
RegisterDeviceNotificationW
MoveWindow
GetSystemMetrics
LoadStringW
SetWindowTextW
ShowWindow
SendDlgItemMessageW
CharNextW
SystemParametersInfoW
ScreenToClient
CreateDialogParamW
DestroyIcon
GetDlgItem
SetDlgItemTextW

iphlpapi

CreateIpNetEntry

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d8b4978d9c0d2fafb66d01e615a7361

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

setupapi

kernel32

ntdll

user32

iphlpapi

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 512B - Virtual size: 224B

.data Size: 1024B - Virtual size: 72KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 512B - Virtual size: 224B

.data
Size: 1024B - Virtual size: 72KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 512B - Virtual size: 20B